Sophos has released an update for the software used on its Web gateway security appliance. The update addresses three serious vulnerabilities in the product’s Web-based user interface. The vulnerabilities could allow attackers to gain access to configuration files containing sensitive information. Sophos addressed the flaws in January 2013, along with other issues discovered during its own security review of the product. The news comes after a penetration tester at Black Hat Europe security conference last month warned that many security appliances contain serious vulnerabilities that were relatively easy to find.”]